


Tiger On The Web

by RueRambunctious



Category: Sherlock (TV), Sherlock Holmes & Related Fandoms
Genre: Blogging, Cybercrimes, Hacking, M/M
Language: English
Status: Completed
Published: 2018-03-05
Updated: 2018-03-05
Packaged: 2019-03-27 11:26:19
Rating: Teen And Up Audiences
Warnings: No Archive Warnings Apply
Chapters: 1
Words: 1,560
Publisher: archiveofourown.org
Story URL: https://archiveofourown.org/works/13879884
Author URL: https://archiveofourown.org/users/RueRambunctious/pseuds/RueRambunctious
Summary: Sebastian has a cursory understanding of the internet. Jim teaches his pet tiger a new skill.





	Tiger On The Web

For the most part, Sebastian keeps well away from Jim's office unless he is summoned there. Secluded in the near darkness amongst the luridly gloomy screens the brunet rather seems drained not only of sunlight, but of his more human qualities. Jim might be patient as far as coding or plotting is concerned, spending days and months and even years adding and tweaking strands of his convoluted web, but he is decidedly short with mankind within this room.

And by mankind, Sebastian means Sebastian, because Jim never lets anyone else enter this domain. His lair, Sebastian often thinks of it.

Sebastian is not entirely clear on most of what Jim does in here, and is entirely unclear as to the 'how'. At least, the bodyguard understands that Jim is using computers and presumably the web (the internet and Jim's tangle of connections being heavily linked in Sebastian's mind) but beyond that? Sebastian has little clue.

It is not that Sebastian is a Luddite or anything. (That's a word he looked up, once, after Jim snapped it at the man once too often). Sebastian can use a computer as competently as the next ordinary bloke (of course he sodding can, despite Jim's belief of his ineptitude Sebastian _did_ graduate from Oxford). The bodyguard can write and email and even scan documents. He knows how to use the incognito mode and delete (at a rudimentary level) his browser history. Sebastian can tell when he needs to plug in a wireless keyboard and understands why he no longer needs to blow on a sticky mouse. He can even use basic formulas on a spreadsheet! _And_ since his brother taught him, Sebastian can even find an illegal stream of any given sports game to watch. (Doing that last step without infesting his laptop Sebastian is yet to manage, but he only really uses the machine for porn and the odd email anyway).

None of this impresses Jim. The brunet has, in moments of rare patience, tried to show Sebastian how to look after his unfortunate machine. Sebastian was not entirely convinced Jim was not insulting him when the brunet explained that the way the laptop was infested was not unlike Seb visiting several downmarket brothels without much effort towards personal protection.

Most of the lessons didn't stick, but Jim was in the habit of replacing Sebastian's devices with paranoid frequency anyway, so it hardly makes much difference.

Sometimes Jim would draw Sebastian's attention to the news and try to explain how such events came about. The Panama Papers, Jim explained, was a case where hackers managed to steal 11.5 million documents from a law firm, Mossack Fonseca, and leak them to various online news outlets. There was an awful lot of dubious information amidst those documents (as there tended to be in anything Jim paid attention to).

Apparently, the hackers were from a foreign country and gained entry due to outdated software (unpatched versions of WordPress and Drupal content management systems, whatever that really meant). Jim went on about zero days and software patches and Sebastian kind of followed.

Jim went on to lecture that few, if any, devices on the internet were truly secure. He claimed it was merely a matter of time spent discovering the vulnerabilities and exploiting them. Sebastian recognised buzz words like 'Trojans' and 'malware' although he would have been hard pressed to explain them had Jim quizzed him on them. Jim also spoke of inside information leaks, and that made sense to Sebastian. He spoke of brute force, and that made sense to Sebastian until he said something about 'automated repetitive password trials.' Then Jim spoke about insecure telnet / FTP access and Sebastian did not understand at all.

Jim ranted for a while about how it was genuinely difficult to ensure someone was entirely impervious to attack due to the never-ending trend of new software, but many companies do not even have a social media policy, much less a safe use policy for the internet or a disaster recovery policy. Probably never even heard of running intrusion detection systems. Such companies, in Jim's eyes, are rather _asking for it_.

“What about things that aren't companies?” Sebastian had asked.

“Like a hospital?” Jim clarified. _Jim from IT _had been simply aghast to find St. Bart's had no patching schedule. They did not happen to use Flash, but only because their machines were too out-dated and painfully slow to support it functionally.__

__Sebastian squirmed. “Like… a blog?”_ _

__Jim had stared at his bodyguard long and hard, and that had led to where they are at now, with Sebastian receiving an education he is barely just following. Jim calls it reconnaissance. Seb used to think he was good at that._ _

__“You know what an IP address is?” Jim asks._ _

__Sebastian bluffs that he does._ _

__“Naturally, I know offhand what the IP address of the particular server your after is, but if you wanted to look that up, we would just ping the website,” Jim says._ _

__-# ping www.johnwatsonblog.co.uk|_ _

__Sebastian watches as a couple of paragraphs of unintelligible code appear on the screen before them. He has no idea what packets are._ _

__“As you can see, it instantly replies that it's active,” Jim says. He does not bother to highlight the numbers showing the IP address, but his bodyguard can guess. “Now, we want to find out which ports are open. Basically doorways we can use to get into the web server. Of course, you'll understand that to break into a building successfully it makes sense to weigh up each point of entry. To do this, there is a tool called 'nmap'.”_ _

__Sebastian cringes as more than a page full of dense text pours down the screen._ _

__Jim's lips quirk at Seb's expression. “Yes, a wide variety of parameters, I know. Now, typing 'nmap' and putting in the IP address we are trying to attack… that is, break into...”_ _

__A list of several ports appears on the screen. Most of them are recorded under the state 'open'._ _

__“It should be obvious even to you that there are a range of different ports open and services running,” Jim says. Sebastian nods slowly. Jim points one out. “FTP is generally quite a weak protocol.” The brunet moves his cursor between 'telnet' and 'smtp'. Sebastian is uncertain which to focus on as Jim says, “Email is often another weak point if you cannot exploit FTP. But we'll stick with FTP for now.”_ _

__-# nmap -sV|_ _

__Jim looks at Sebastian. The cursor blinks._ _

__“sV is essentially a service and scripts scan,” the brunet explains. Sebastian smiles like he has the remotest idea what that means._ _

__Jim's fingers fly over the keyboard again as he fills in:_ _

__-# nmap -sV -sC www.johnwatsonblog.co.uk -p |_ _

__Jim tilts his head at Sebastian with a smirk. “What's the port number, darling?”_ _

__The bodyguard warily suggests the number in the same row as 'FTP' and 'open'. Jim smiles at him like a dog who has performed a simple trick and types Sebastian's answer. He hits 'enter'._ _

__Jim points as fresh writing appears on the screen. “Again, we have confirmation that we've got the FTP server software, but now we know which version, which is helpful. And this bit here means that anonymous FTP logins are allowed. This can have its purpose, but naturally is not the most secure option.”_ _

__Jim smirks at Sebastian. “We have enough information to move forward.”_ _

__Jim opens a tab on a browser already bristling with them and pulls up a website whose logo appears to be a cockroach. “Exploit Database,” Jim explains. “Popular website that lists the latest known security exploits.”_ _

__Sebastian smiles at him. It seems a very Jim think to know. Although, Jim probably knows quite a few things which aren't listed._ _

__Jim moves to an advanced search with ease and pulls on various dropdown options. “I would normally have 'linux' here but your machine is… pedestrian,” Jim mutters, not so much to Sebastian, but more as an almost-apology to the box. Sebastian makes little comment._ _

__Jim goes on to mumble about remote something or other. His search pulls up what seems to Sebastian to be an intimidating amount of information, but the brunet draws the bodyguard's attention to the version number from earlier and Seb almost feels like it makes sense when Jim matches that up with an option on the database's list._ _

__Jim opens the tab to display some colourful code and leans back to let Sebastian peruse it warily._ _

__“We have now completed the reconnaissance stage,” Jim tells him cheerfully. “Figured out a particular exploit against a particular service that's running on the victim's machine. Now. Shall we get on to the fun part?”_ _

__Sebastian's ears prick. _The fun part_? He's not entirely certain hacking with next to no knowledge of coding is something he can ever describe as 'fun' but… Well. He's just had Jim's attention for a whole twenty minutes. Sebastian is perfectly happy to draw that time out for longer._ _

__Sebastian never does learn how to clean up the viruses on his laptop but he does find that in his downtime he gravitates towards sending viruses to a certain unfortunate ex army doctor's own computer._ _

__Jim does not mention that he sets aside time to go in and tidy up the trail his tiger leaves behind._ _

**Author's Note:**

> Loosely based on a cyber security lesson from Dr Nick Patterson of Deakin University. Accessing web servers you don't control is of course illegal, so don't try this at home, folks! :)


End file.
